Recently I was asked to compile a list of all CiviCRM releases since 3.1.0, identifying which were security releases so that we could make sure clients' sites were secure. The organization I work for (Freeform Solutions) is focused on doing sites for other non-profit organizations, many of whom are still running older versions of CiviCRM due to budgetary or other constraints, so we wanted to be sure that no one was running a version known to contain security vulnerabilities. Since this seemed like the sort of resource that might be useful to other CiviCRM users, I'm sharing it here.
Of course, the simplest approach is probably just making sure any given client is running the latest release of their particular CiviCRM version (4.3.x, 4.2.x, etc.). But this isn't always reliable (as pointed out by Herb in a comment below), because security fixes are not always applied to older versions (currently, versions prior to 4.2 are not being updated...Read more
IMPORTANT: You do NOT need to upgrade CiviCRM to remove this vulnerability. See "Prevent Attacks: Delete the Vulnerable File" below.
In recent days, multiple site admininistrators have reported evidence that their sites were attacked using vulnerabilities in the OpenFlashChart library included with prior versions of CiviCRM. This vulnerability was eliminated in the CiviCRM v4.2.6 release (Dec 2012), and site administrators were strongly advised to apply the upgrade. However, as older versions of CiviCRM are still vulnerable, site administrators running outdated versions of CiviCRM should take steps immediately to prevent new attacks and identify past attacks. This blog post provides some background and suggestions.
You can check what version of CiviCRM you are using by looking on any CiviCRM page. The version is displayed at the bottom of the screen (see screenshot...
CiviCRM 3.2.5 is a security release, fixing security vulnerabilities in CiviCRM Ajax and REST interfaces and export code. We strongly recommend that you upgrade your CiviCRM installation to 3.2.5.
We just released CiviCRM 3.2.5 – it is now available for download. You can also try it out on our demo site. This release introduces quite a few bug fixes; for full list of things that has been fixed/improved in 3.2.5, please take a look at our issue tracker.
For more details on major new features/highlights, please refer to...Read more
This release introduces quite a few bug fixes; for full list of things that has been fixed/improved in 3.2.4, please take a look at our issue tracker.
For more details on major new features/highlights, please refer to 3.2 release blog post, here's the short list:
- Usability improvements
- Support for PHP 5.3
- CiviCase Phase 3
Over the last year rayogram has worked with the New York State Senate to deploy a customized version of CiviCRM 3.2 for each Senate office. In the course of this work, we developed a custom theme for NYSS that leverages much of the template work that we did for the CiviCRM 3.2.
When we presented the work we had done for CiviCRM 3.2 and this theme to the CiviCRM community at CiviCon we got a number of requests for some of the bits of customization we did. Two specific features were requested:
- Sidebar tabs on contact page
- Recent items in footer, with profile "overlay"
This got us thinking: everybody needs a good CiviCRM admin theme, and we were already 80% of the way there. All we needed to do was add some extra customization and abstraction to...Read more
This release introduces changes to pledge recording and quite a few bug fixes; for full list of things that has been fixed/improved in 3.2.3, please take a look at our issue tracker.
Unfortunately a bug related to wrong case types being displayed was introduced into 3.2.3 release. The patch will be available in the next 3.2.4 release and could be downloaded...
Update: Due to an unfortunate error multilingual sites cannot be upgraded to CiviCRM 3.2.2; if you’re running such site please wait for CiviCRM 3.2.3. Single-language sites (regardless of the language they use) should upgrade to CiviCRM 3.2.2 cleanly, and new CiviCRM 3.2.2 installations (both single- and multilingual) should work without a problem.
We just released CiviCRM 3.2.2 – it is now available for download. You can also try it out on our demo site. It is mainly a bug fix release – for full list of things that has been fixed/improved in 3.2.2, please take a look at our...Read more
I have developed very basic iphone app for CiviCRM using Titanium framework.Features
- Allows users to "Search Contacts" from their remote CiviCRM database.
- Add Individuals.
- App uses CiviCRM REST interface so you can scale it according to your needs.